Recommendations for DNSSEC Resolvers Operators
draft-ietf-dnsop-dnssec-validator-requirements-07
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Daniel Migault , Edward Lewis , Dan York | ||
Last updated | 2024-05-16 (Latest revision 2023-11-13) | ||
Replaces | draft-mglt-dnsop-dnssec-validator-requirements | ||
RFC stream | Independent Submission | ||
Intended RFC status | Informational | ||
Formats | |||
Reviews |
SECDIR Last Call review
(of
-04)
by Charlie Kaufman
Serious issues
DNSDIR Early review
(of
-01)
by James Gannon
On the right track
|
||
Additional resources |
GitHub Repository
|
||
Stream | ISE state | Response to Review Needed | |
Consensus boilerplate | Unknown | ||
Document shepherd | (None) | ||
Shepherd write-up | Show Last changed 2022-10-16 | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | andrew.mcconachie@icann.org |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The DNS Security Extensions (DNSSEC) defines a process for validating received data and assert them authentic and complete as opposed to forged. While DNSSEC comes with some complexity, at least for non expert, that complexity is mostly abstracted by the resolver. As result, running a resolver with DNSSEC enabled only requires the operator to only follow a very limited set of recommendations. This document provides such recommendations.
Authors
Daniel Migault
Edward Lewis
Dan York
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)